update SSO login logic

* ISSUE-339: oidc login

* ISSUE-338: settings

---------

Co-authored-by: Tatevik <[email protected]>

Author: TatevikGr

public_html/lists/admin/index.php

@@ -375,7 +375,7 @@ function mb_strtolower($string)
         //$msg = 'Not logged in';
         $logged = false;
         foreach ($GLOBALS['plugins'] as $pluginname => $plugin) {
-            if ($pluginname == 'simplesaml' && !isset($_GET['sso'])) {
+            if ($pluginname == 'simplesaml' && !isset($_GET[$GLOBALS['plugins'][$pluginname]->autUrl])) {
                 continue;
             }
             if ($plugin->login()) {

public_html/lists/admin/init.php

@@ -647,7 +647,11 @@
 if (!isset($allowed_referrers) || !is_array($allowed_referrers)) {
     $allowed_referrers = array();
 }
-if (isset($_SERVER['HTTP_ORIGIN']) && defined('ACCESS_CONTROL_ALLOW_ORIGINS') && in_array($_SERVER['HTTP_ORIGIN'], ACCESS_CONTROL_ALLOW_ORIGINS)) {
+if (
+    isset($_SERVER['HTTP_ORIGIN'])
+    && defined('ACCESS_CONTROL_ALLOW_ORIGINS')
+    && in_array($_SERVER['HTTP_ORIGIN'], ACCESS_CONTROL_ALLOW_ORIGINS)
+) {
     define('ACCESS_CONTROL_ALLOW_ORIGIN', $_SERVER['HTTP_ORIGIN']);
 } elseif (!defined('ACCESS_CONTROL_ALLOW_ORIGIN')) {
     define('ACCESS_CONTROL_ALLOW_ORIGIN', $GLOBALS['scheme'].'://'.$_SERVER['HTTP_HOST']);

public_html/lists/admin/login.php

@@ -43,12 +43,31 @@ function footer()
     echo $GLOBALS['I18N']->get('Enter your email address').': </p><input type="text" name="forgotpassword" value="" size="30" />';
     echo '  <input class="submit" type="submit" name="process" value="'.$GLOBALS['I18N']->get('Send password').'" />';
     echo '  <div class="clear"></div>';
-    if (isset($GLOBALS['plugins']['simplesaml'])) {
-        echo '<a href="?sso" style="display: inline-block; padding: 5px 10px; background-color: #2c2c2c; color: #fff; text-decoration: none; border-radius: 5px; font-size: 16px; text-align: center;"">SSO login</a>';
-    }
     echo '</div></form>';
 }
 
+function renderSSO()
+{
+    if (!empty($GLOBALS['ssoplugin'])) {
+        echo '<form method="post" id="forgotpassword-form" action="">';
+        echo '<div style="display: flex; justify-content: space-around; align-items: center;">';
+
+        foreach ($GLOBALS['ssoplugin'] as $plugin) {
+            $ssoUrl = $GLOBALS['plugins'][$plugin]->autUrl;
+            $buttonText = 'Login with ' . $GLOBALS['plugins'][$plugin]->settings['display_name']['value'];
+
+            echo '<a href="?' . $ssoUrl . '" 
+            style="display: inline-block; padding: 8px 15px; background-color: #3c3c3c; color: #fff; 
+                   text-decoration: none; border-radius: 5px; font-size: 16px; text-align: center; 
+                   min-width: 120px;">
+            ' .  $buttonText . '
+          </a>';
+        }
+
+        echo '</div>';
+        echo '</form>';
+    }
+}
 //Delete from the DB every token older than certain elapsed time.
 function deleteOldTokens()
 {
@@ -119,16 +138,20 @@ function deleteOldTokens()
         exit;
     }
 } else {
-    echo "<form method=\"post\" id=\"login-form\" action=\"\">\n";
-    echo "  <input type=\"hidden\" name=\"page\" value=\"$page\" />\n";
-    echo "  <table class=\"loginPassUpdate\" width=\"100%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\">\n";
-    echo '    <tr><td><span class="general">'.$GLOBALS['I18N']->get('Name').":</span></td></tr>\n";
-    echo '    <tr><td><input type="text" name="login" value="" size="30"  autofocus="autofocus" /></td></tr>';
-    echo '    <tr><td><span class="general">'.$GLOBALS['I18N']->get('Password').':</span></td></tr>';
-    echo '    <tr><td><input type="password" name="password" value="" size="30" /></td></tr>';
-    echo '    <tr><td><input class="submit" type="submit" name="process" value="'.$GLOBALS['I18N']->get('Continue').'" /></td></tr>';
-    echo '  </table>';
-    echo '</form>';
-    footer();
+    $showDefaultLogin = !isset($GLOBALS['ssoplugin']) || !getConfig('hide_default_login');
+    if ($showDefaultLogin) {
+        echo "<form method=\"post\" id=\"login-form\" action=\"\">\n";
+        echo "  <input type=\"hidden\" name=\"page\" value=\"$page\" />\n";
+        echo "  <table class=\"loginPassUpdate\" width=\"100%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\">\n";
+        echo '    <tr><td><span class="general">'.$GLOBALS['I18N']->get('Name').":</span></td></tr>\n";
+        echo '    <tr><td><input type="text" name="login" value="" size="30"  autofocus="autofocus" /></td></tr>';
+        echo '    <tr><td><span class="general">'.$GLOBALS['I18N']->get('Password').':</span></td></tr>';
+        echo '    <tr><td><input type="password" name="password" value="" size="30" /></td></tr>';
+        echo '    <tr><td><input class="submit" type="submit" name="process" value="'.$GLOBALS['I18N']->get('Continue').'" /></td></tr>';
+        echo '  </table>';
+        echo '</form>';
+        footer();
+    }
+    renderSSO();
 }
 ?>

public_html/lists/admin/pluginlib.php

@@ -12,6 +12,7 @@
 $GLOBALS['emailsenderplugin'] = false;
 $GLOBALS['analyticsqueryplugin'] = false;
 $GLOBALS['updaterplugin'] = false;
+$GLOBALS['ssoplugin'] = [];
 
 $pluginRootDirs = array();
 if (PLUGIN_ROOTDIRS != '') {
@@ -111,6 +112,10 @@
                     ) {
                         $GLOBALS['editorplugin'] = $className;
                     }
+                    if (method_exists($pluginInstance, 'login') && isset($pluginInstance->ssoProvider))
+                    {
+                        $GLOBALS['ssoplugin'][] = $className;
+                    }
                     if (!$GLOBALS['authenticationplugin'] && $pluginInstance->authProvider && method_exists($pluginInstance,
                             'validateLogin')
                     ) {